Ok...here's another idea that I think would be useful in helping in fine tuning RegEx's, Keywords, etc. This may have been proposed before, but I have only been following the forum since last September.

In the quarantine area, you can double-click on a message to view it's raw source, including full headers. Frequently, I have had a need and to view a message as it was meant to be viewed...in a HTML browser type e-mail client. I believe it would help in sorting through all the raw source junk to "see" how certain functions embedded within the message actually work. I don't know about some of you other admins out there, but after several hours of weeding through thousands of e-mails per day (simply because my users are to lazy to check the quarantine area and manage their own spam, even though I have done everything ...including begging...LOL) only to find over time that the e-mails are quickly becoming embedded with so much extranious crap, that it;'s extremely difficult to figure out what they are trying to do and your eyes begin to play tricks on you.

If we had a second choice of how to view the messages, and in this case in HTML format (within a mini-browser window perhaps), it would really help to "see" what's going on within the message.

So, I propose a HTML viewer as well as the standard text viewer. This could simply be a button on the toolbar, or perhaps by right clicking on a message in the qaurantine, and having the two choices of how to view the contents of the quarantined message that is being scrutinized. I believe this would aid in identifying patterns or other ways to find a method to block certain messages.

Is this done with ASP? or another scripting language? In any event, yes I'd love to see what youv'e come up with. It doesn't really matter where it's doe I suppose, but it sure would be nice to see how some of this HTML cobbled together, and then maybe I can find new ways to block some of the more annoying and persisitant spam.

While having HTML views can be very convenient, that can be also very dangerous. Viruses are very common in emails. It is fairly simple to craft an html email messages to cause the viewer, especially if the viewer is based on Internet Explorer, to attempt to autorun code in the email itself. Internet Explorer is vulnerable to buffer overruns, and since the quarantined emails are likely to contain bad emails, it would be dangerous to expose users to those messages, especially when new unknown viruses are released. The Outlook client nowdays blocks dangerous html content by default, but decoding the html without any checks and presenting it to the user in a browser could be dangerous.

The same applies to the GUI. We could easily present the emails in html view, but the viewer would be based on IE, and thus the potential of infecting the server would always be lingering. We've looked into the possibility of using a non-IE based viewer, but the process became too complex and we abandoned it.

This wasn't really meant for public release. I was just helping Chuck on a way for him to develope his black/white list as an administrator, by being able to see what the message looks like in HTML. Please note that we use this feature only in our Administrator Web Console. I do see the risk if this is given to users, but for admins it is very useful. Therefore this should probablly not be release in SpamFilterISP as a feature, but use the ASP technique I list if you were to need to view some emails as HTML to better your filter list. Sorry to stir up any controversy.

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot delete your posts in this forumYou cannot edit your posts in this forumYou cannot create polls in this forumYou cannot vote in polls in this forum